tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/CleanSpec.mk
Bowgo Tsai afbcf21bfb Renames nonplat_* to vendor_* 
This change renames the non-platform sepolicy files on a DUT from
nonplat_* to vendor_*.

It also splits the versioned platform sepolicy from vendor_sepolicy.cil
to a new file /vendor/etc/selinux/plat_pub_versioned.cil. And only keeps
vendor customizations in vendor_sepolicy.cil.

Build variable BOARD_SEPOLICY_DIRS is also renamed to
BOARD_VENDOR_SEPOLICY_DIRS.

Bug: 64240127
Test: boot bullhead/taimen
Change-Id: Iea2210c9c8ab30c9ecbcd8146f074e76e90e6943
2018-02-05 18:21:55 +08:00

122 lines
7.2 KiB
Makefile
Raw Blame History

# Copyright (C) 2015 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# If you don't need to do a full clean build but would like to touch
# a file or delete some intermediate files, add a clean step to the end
# of the list. These steps will only be run once, if they haven't been
# run before.
#
# E.g.:
# $(call add-clean-step, touch -c external/sqlite/sqlite3.h)
# $(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/STATIC_LIBRARIES/libz_intermediates)
#
# Always use "touch -c" and "rm -f" or "rm -rf" to gracefully deal with
# files that are missing or have been moved.
#
# Use $(PRODUCT_OUT) to get to the "out/target/product/blah/" directory.
# Use $(OUT_DIR) to refer to the "out" directory.
#
# If you need to re-do something that's already mentioned, just copy
# the command and add it to the bottom of the list. E.g., if a change
# that you made last week required touching a file and a change you
# made today requires touching the same file, just copy the old
# touch step and add it to the end of the list.
#
# ************************************************
# NEWER CLEAN STEPS MUST BE AT THE END OF THE LIST
# ************************************************
# For example:
#$(call add-clean-step, rm -rf $(OUT_DIR)/target/common/obj/APPS/AndroidTests_intermediates)
#$(call add-clean-step, rm -rf $(OUT_DIR)/target/common/obj/JAVA_LIBRARIES/core_intermediates)
#$(call add-clean-step, find $(OUT_DIR) -type f -name "IGTalkSession*" -print0 | xargs -0 rm -f)
#$(call add-clean-step, rm -rf $(PRODUCT_OUT)/data/*)
# ************************************************
# NEWER CLEAN STEPS MUST BE AT THE END OF THE LIST
# ************************************************
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/file_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/file_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/service_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/service_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/nonplat_property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/nonplat_property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/plat_property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/plat_property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/etc/selinux/plat_property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/vendor/etc/selinux/nonplat_property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/vendor/etc/selinux/mapping_sepolicy.cil)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/etc/selinux/plat_sepolicy.cil.sha256)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/vendor/etc/selinux/precompiled_sepolicy.plat.sha256)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/etc/selinux/mapping_sepolicy.cil)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/vendor/etc/selinux/nonplat_service_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/ETC/nonplat_service_contexts_intermediates)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/NOTICE_FILES/src/vendor/etc/selinux/nonplat_service_contexts.txt)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_sepolicy.cil)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_file_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_hwservice_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_mac_permissions.xml)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_property_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_seapp_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/nonplat_file_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/nonplat_property_contexts)
# For non-Treble devices.
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/nonplat_file_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/nonplat_hwservice_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/nonplat_property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/nonplat_seapp_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/vendor_sepolicy.cil)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/vendor_file_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/vendor_hwservice_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/vendor_mac_permissions.xml)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/vendor_property_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/vendor_seapp_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/vendor_file_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/vendor_property_contexts)
# For non-Treble devices.
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/vendor_file_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/vendor_hwservice_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/vendor_property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/vendor_seapp_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_sepolicy.cil)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_file_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_hwservice_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_mac_permissions.xml)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_property_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_seapp_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/nonplat_file_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/nonplat_hwservice_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/nonplat_property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/nonplat_seapp_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/nonplat_service_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/nonplat_file_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/nonplat_hwservice_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/nonplat_property_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/nonplat_seapp_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/root/nonplat_service_contexts)
Reference in a new issue View git blame Copy permalink